CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
ASUS MyASUS Flaw Lets Hackers Escalate to SYSTEM-Level Access
ASUS has disclosed a high security vulnerability in its MyASUS application that could allow local attackers to escalate their privileges to SYSTEM-level access on affected Windows devices. The flaw, t ...
-
The Hacker News
FBI Reports $262M in ATO Fraud as Researchers Cite Growing AI Phishing and Holiday Scams
The U.S. Federal Bureau of Investigation (FBI) has warned that cybercriminals are impersonating financial institutions with an aim to steal money or sensitive information to facilitate account takeove ...
-
CybersecurityNews
Apache Syncope Vulnerability Allows Attacker to Access Internal Database Content
A significant issue has been disclosed that affects multiple versions of the identity and access management platform. The flaw stems from a hardcoded default encryption key used for password storage, ...
-
Daily CyberSecurity
Critical Patch: NVIDIA DGX Spark Flaw (CVE-2025-33187, CVSS 9.3) Exposes AI Secrets to Takeover
NVIDIA has issued an urgent security update for its DGX Spark platform, a compact AI supercomputer designed for local development and research. The bulletin addresses a list of 14 vulnerabilities, inc ...
-
TheCyberThrone
CVE-2025-13016 affects Mozilla Firefox
November 26, 2025A newly discovered security flaw tracked as CVE-2025-13016 exposes over 180 million Firefox and Thunderbird users to potential arbitrary code execution. This high-severity vulnerabili ...
-
Daily CyberSecurity
URGENT PATCH REQUIRED: Zenitel TCIV-3+ Intercoms Hit by Multiple Critical Flaws (CVSS 9.8)
Zenitel has issued an urgent security advisory, also reported by CISA, concerning a set of critical vulnerabilities in its TCIV-3+ intercom station. The advisory details five distinct security flaws, ...
-
Daily CyberSecurity
Critical node-forge Flaw (CVE-2025-12816) Allows Signature Verification Bypass via ASN.1 Manipulation (21M Downloads/Week)
CERT/CC has issued a warning about a high-impact cryptographic vulnerability in the Forge JavaScript library — also known as the node-forge npm package — which receives nearly 21 million downloads eve ...
-
Daily CyberSecurity
8 Flaws: ASUS Routers Urgently Need Patch for Authentication Bypass (CVE-2025-59366, CVSS 9.4)
ASUS has released an urgent security update to address a sweeping list of eight potential vulnerabilities in multiple router models, spanning various components including AiCloud, bwdpi, WebDAV, and t ...
-
Daily CyberSecurity
ASUS LPE Flaw (CVE-2025-59373): High-Severity Bug Grants SYSTEM Privileges via MyASUS Component
ASUS has released critical security updates addressing a local privilege escalation (LPE) vulnerability in the ASUS System Control Interface Service, a core component used by the MyASUS application ac ...
-
Daily CyberSecurity
Chromium Reopens JPEG-XL Debate: Will Google Reinstate Support After Apple Adopted It?
As early as 2021, engineers proposed adding support for the JPEG-XL image format to the Chromium browser project. JPEG-XL, the successor to the traditional JPEG standard, offers markedly improved comp ...